Blog
Field notes from the offensive side
Practical writing on penetration testing, attack techniques, and the compliance frameworks that reference them.
How to Scope Your First Penetration Test
A step-by-step guide to scoping your first penetration test: what to define, what to expect on a scoping call, and mistakes to avoid.
Read →SOC 2 Pentest Requirements Explained
Does SOC 2 require a penetration test? What auditors expect, what the report should include, and when to time testing.
Read →Penetration Testing Cost in 2026
What drives penetration testing cost: scope, test type, and timeline, plus realistic price ranges by engagement.
Read →NYDFS 23 NYCRR 500: What Penetration Testing Does the Regulation Actually Require?
A practical guide to the penetration testing and vulnerability assessment requirements in New York's NYDFS Cybersecurity Regulation (23 NYCRR 500) for covered financial entities.
Read →